ID CVE-2010-4301
Summary epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
References
Vulnerable Configurations
  • Wireshark 1.4.0
    cpe:2.3:a:wireshark:wireshark:1.4.0
  • Wireshark 1.4.1
    cpe:2.3:a:wireshark:wireshark:1.4.1
CVSS
Base: 5.0 (as of 29-11-2010 - 11:06)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service. Dos exploits for multiple platform
file exploits/multiple/dos/15973.txt
id EDB-ID:15973
last seen 2016-02-01
modified 2011-01-11
platform multiple
port
published 2011-01-11
reporter Fred Fierling
source https://www.exploit-db.com/download/15973/
title Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service
type dos
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-02 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send specially crafted packets on a network being monitored by Wireshark, entice a user to open a malformed packet trace file using Wireshark, or deploy a specially crafted Lua script for use by Wireshark, possibly resulting in the execution of arbitrary code, or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-11
    plugin id 56426
    published 2011-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56426
    title GLSA-201110-02 : Wireshark: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-110331.NASL
    description Wireshark was updated to version 1.4.4 to fix several security issues
    last seen 2018-09-02
    modified 2018-06-29
    plugin id 53315
    published 2011-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53315
    title SuSE 11.1 Security Update : wireshark (SAT Patch Number 4267)
  • NASL family Windows
    NASL id WIRESHARK_1_4_2.NASL
    description The installed version of Wireshark is 1.2.x less than 1.2.13 or 1.4.x less than 1.4.2. Such versions are affected by the following vulnerabilities: - An error exists in the LDSS dissector that allows a series of malformed packets to cause a buffer overflow. (5318) - An error exists in the ZigBee ZCL dissector that allows a series of malformed packets to cause the dissector to enter an infinite loop. (5303)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 50678
    published 2010-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50678
    title Wireshark < 1.2.13 / 1.4.2 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 53808
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53808
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 53689
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53689
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_WIRESHARK-101222.NASL
    description Wireshark version 1.4.2 fixes several security issues that allowed attackers to crash wireshark or potentially even execute arbitrary code (CVE-2010-1455, CVE-2010-2283, CVE-2010-2284, CVE-2010-2285, CVE-2010-2286, CVE-2010-2287, CVE-2010-2992, CVE-2010-2993, CVE-2010-2994, CVE-2010-2995, CVE-2010-3445, CVE-2010-4300, CVE-2010-4301)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75771
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75771
    title openSUSE Security Update : wireshark (openSUSE-SU-2011:0010-2)
oval via4
accepted 2013-08-19T04:00:30.251-04:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
family windows
id oval:org.mitre.oval:def:14713
status accepted
submitted 2012-02-27T15:34:33.178-04:00
title Vulnerability in ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1
version 8
refmap via4
bid 44986
confirm
misc https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5315&action=edit
osvdb 69355
secunia
  • 42290
  • 42877
  • 43068
suse
  • SUSE-SR:2011:001
  • SUSE-SR:2011:002
vupen
  • ADV-2010-3038
  • ADV-2011-0076
  • ADV-2011-0212
Last major update 13-08-2012 - 23:20
Published 26-11-2010 - 14:00
Last modified 18-09-2017 - 21:31
Back to Top